United States Patent and Trademark Office 



UNITED STATES DEPARTMENT OF COMMERCE 
United States Patent and Trademark Office

Address: COMMISSIONER FOR PATENTS 



APPLICATION NO. 



10/817,154 



FILING DATE 



04/01/2004



FIRST NAMED INVENTOR 



John Hal Howard 



27488 7590 03/17/2008 

MERCHANT & GOULD (MICROSOFT) 
P.O. BOX 2903 

MINNEAPOLIS, MN 55402-0903 



ATTORNEY DOCKET NO. CONFIRMATION NO. 



14917.0465US01 



TRAN, TONGOC 



PAPER NUMBER 



DELIVERY MODE 



Please find below and/or attached an Office communication concerning this application or proceeding. 

The time period for reply, if any, is set in the attached communication. 



PTOL-90A (Rev. 04/07) 





Application No. 

10/817,154 


Applicant(s) 

HOWARD ET AL. 


Examiner 

TONGOC TRAN 


Art Unit 

2134 





- The MAILING DATE of this communication appears on the cover sheet with the correspondence address — 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed
after SIX (6) MONTHS from the mailing date of this communication.

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b).

Status 

1) ☒ Responsive to communication(s) filed on 01 April 2004.
2a) □ This action is FINAL. 2b) ☒ This action is non-final.

3) □ Since this application is in condition for allowance except for formal matters, prosecution as to the merits is
closed in accordance with the practice under Ex parte Quayle, 1935 C.D. 11, 453 O.G. 213.

Disposition of Claims 

4) ☒ Claim(s) 1-43 is/are pending in the application.

4a) Of the above claim(s) is/are withdrawn from consideration.

5) □ Claim(s) is/are allowed.

6) ☒ Claim(s) 1-43 is/are rejected.

7) □ Claim(s) is/are objected to.

8) □ Claim(s) are subject to restriction and/or election requirement.

Application Papers 

9) □ The specification is objected to by the Examiner.

10) □ The drawing(s) filed on is/are: a) □ accepted or b) □ objected to by the Examiner.

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a).
Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d).

11) □ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152.

Priority under 35 U.S.C. § 119 

12) □ Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 119(a)-(d) or (f).
a) □ All b) □ Some * c) □ None of:

1. □ Certified copies of the priority documents have been received.

2. □ Certified copies of the priority documents have been received in Application No. .

3. □ Copies of the certified copies of the priority documents have been received in this National Stage
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 



Attachment(s)

1) ☒ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-413)

2) □ Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. .

3) Information Disclosure Statement(s) (PTO/SB/08) 5) □ Notice of Informal Patent Application
Paper No(s)/Mail Date 8/10/2004, 12/19/2006, 2/1/2008. 6) □ Other: .



PTOL-326 (Rev. 08-06)



Office Action Summary 



Part of Paper No./Mail Date 20080221 



Application/Control Number: 10/817,154

Art Unit: 2134

DETAILED ACTION

1. This Office Action is in response to Applicant's application Serial No.
10/817,154 filed on 4/1/2004. Claims 1-43 are pending for examination. 

Information Disclosure Statement 

2. The information disclosure statements (IDS) submitted on 8/10/2004,
12/19/2006 and 2/1/2008 have been considered by the Examiner.

The materials submitted on 1/15/2008 under MPEP 724.02 (Artifact no.
10817154XA) have been considered by the Examiner.

Claim Rejections - 35 USC § 101 

3. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or 
composition of matter, or any new and useful improvement thereof, may obtain a patent 
therefor, subject to the conditions and requirements of this title. 

Claims 29-38, 42 and 43 are rejected under 35 U.S.C. 101 because the 
claims recite "a computer program product". In the Specification, Applicants 
state that "[a]nother implementation of a computer program product may be 
provided in a computer data signal embodies in a carrier wave by a computing 
system and encoding the computer program" (Specification, page 3).

35 U.S.C. 101 defines four categories which Congress deemed to be
the appropriate subject matter of a patent: processes, machines, manufactures and
compositions of matter. The latter three categories define "things" or "products"
while the first category defines "actions" (i.e., inventions that consist of a series of
steps or acts to be performed). A computer program product claim directed to a
signal is not statutory under 35 U.S.C. 101 because it does not appear to be a
process, machine, manufacture, or composition of matter (e.g., In re Nuijten,
Docket no. 2006-1371 (Fed. Cir. Sept. 20, 2007) ("A transitory, propagating
signal like Nuijten's is not a process, machine, manufacture, or composition of
matter."); MPEP 2105).



Claim Rejections - 35 USC § 102 

4. The following is a quotation of the appropriate paragraphs of 35 
U.S.C. 102 that form the basis for the rejections under this section made in this 
Office action: 

A person shall be entitled to a patent unless - 

(a) the invention was known or used by others in this country, or patented or described in a printed 
publication in this or a foreign country, before the invention thereof by the applicant for a patent. 

Claims 1-43 are rejected under 35 U.S.C. 102(a) as being anticipated by 
Brickell et al. (U.S. Patent Application Publication No. 2003/0115142, hereinafter 
Brickell). 

With respect to claims 1, 20 and 39, Brickell discloses a method of
authenticating an identity of a user seeking access to a relying computing entity, 
wherein the identity of the user is issued by an authentication service and is not 
issued by the relying computing entity, the method comprising (e.g. Fig. 3): 

receiving at a broker service an authentication request from the relying 
computing entity to authenticate the identity of the user, wherein a first trust 
relationship exists between the relying computing entity and the broker service 
(e.g. Fig. 3, User (302), Relying Party (304), Authorization Server (306),
Authentication Server (308) and [0036]), 

and a second trust relationship exists between the authentication service 
and the broker service, in the absence of a relevant trust relationship existing 
between the authentication service and the relying computing entity (e.g. [0036]); 

receiving an authentication response from the authentication service, 
responsive to receiving the authentication request at the broker service (e.g. 
[0021], [0036]); and 

sending an authentication response from the broker service to the relying 
computing entity representing a trusted authentication of the identity of the user 
to the relying computing entity based on the first trust relationship and the second 
trust relationship (e.g. [0021], relying party identify user based on authentication 
and authorization). 

With respect to claims 40 and 42, Brickell discloses a method and a 
computer program product of establishing a brokerable trust relationship between 
an authentication broker service and each of a plurality of computing entities, the 
method comprising (Fig. 5 and 6): 

establishing one or more brokered authentication rules governing 
brokered authentication through the authentication broker service (e.g. Fig. 5, 
502 and 504 [0050], Fig. 6, 602, 604, [0057]); obtaining an agreement from each 
computing entity to comply with the one or more brokered authentication rules 
(Fig. 6, 606 [0057], portfolio); and configuring the authentication broker service to
authenticate identities of one or more users for each computing entity in
accordance with the one or more brokered authentication rules (e.g. Fig. 5, 504, 
[0050], Fig. 6, 606, [0057]), wherein the one or more users have identities issued 
by one or more authentication services having trust relationships with the 
authentication broker service (e.g. Fig. 5, 506, [0050], Fig. 6, 610, [0057]). 

With respect to claims 41 and 43, Brickell discloses the method and 
computer program product of claim 40 and 42 further comprising: exchanging 
one or more security keys between the authentication broker service and each of 
the computing entities (e.g. [0035]). 

With respect to claims 2 and 21, Brickell discloses the method and
computer program product of claims 1 and 20 further comprising: 

sending the authentication request to the authentication service, 
responsive to receiving the authentication request at the broker service (e.g. Fig. 
10A, 1002, 1004, 1006). 

With respect to claims 3 and 22, Brickell discloses the method and 
computer program product of claims 1 and 20 further comprising: 

collecting a credential of the user, responsive to receiving the 
authentication request at the broker service; and sending the credential to the 
authentication service for validation by the authentication service (e.g. 5, 6 and 
10A, collecting credential and sending credential is inherently required in order to
enable authentication server to know who they are to authenticate). 

With respect to claims 5 and 24, Brickell discloses the method and 
computer program product of claims 1 and 20 wherein the broker service and the 
authentication service are hosted by a single computing system (e.g. Fig. 1). 

With respect to claims 6 and 25, Brickell discloses the method and 
computer program product of claims 1 and 20 wherein the broker service and the 
authentication services are hosted within a single computing entity (e.g. Fig. 1). 

With respect to claims 7 and 26, Brickell discloses the method and 
computer program product of claims 1 and 20 wherein authentication account 
information associated with the user and maintained by the authentication 
service is accessible through an interface to the authentication service (e.g. Fig. 
3, 310). 

With respect to claims 8 and 27, Brickell discloses the method and 
computer program product of claims 1 and 20 further comprising: 

validating based on the first trust relationship that the authentication 
request was received by the broker service from the relying computing entity 
(e.g. Fig. 10A, 1002 and 1004).

With respect to claims 9 and 28, Brickell discloses the method and
computer program product of claims 1 and 20 wherein other computing entities 
have trust relationships established with the broker service (e.g. [0059]). 

With respect to claims 13 and 32, Brickell discloses the method and 
computer program product of claims 1 and 20 wherein the operation of receiving 
a credential received from the user by the authentication service (e.g. [057]). 

With respect to claims 14 and 33, Brickell discloses the method and 
computer program product of claims 1 and 20 wherein the operation of receiving 
at a broker service an authentication request comprises: receiving the 
authentication request at the broker service as a redirected message through a 
computer system of the user (e.g. 10A, 1002, 1004 and 1006). 

With respect to claims 15 and 34, Brickell discloses the method and 
computer program product of claims 1 and 20 further comprising: 

validating a credential received from the user by the authentication service 
(e.g. Fig. 10A, 1014). 

With respect to claims 16 and 35, Brickell discloses the method and 
computer program product of claims 1 and 20 further comprising: 

sending a challenge request to the user, responsive to the operation of 
receiving at the broker server an authentication request; and validating a 
credential received from the user in response to the challenge request (e.g. claim
32). 

With respect to claims 17 and 36, Brickell discloses the method and 
computer program product of claims 1 and 20 further comprising: returning a 
session ticket to the user to allow user access to the relying computing entity 
(e.g. Fig. 10A, 1024). 

With respect to claims 18 and 37, Brickell discloses the method and 
computer program product of claims 1 and 20 further comprising: redirecting the 
user to the authentication service based on an identifier of the user (e.g. 5, 502, 
504, 506). 

Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for
all obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described 
as set forth in section 102 of this title, if the differences between the subject matter sought to 
be patented and the prior art are such that the subject matter as a whole would have been 
obvious at the time the invention was made to a person having ordinary skill in the art to which 
said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

Claims 3 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Brickell (U.S. Patent Application Publication No. 2003/0115142).

With respect to claims 4 and 23, Brickell does not explicitly disclose the
method of claims 1 and 20 wherein the credential cannot be interpreted by the 
broker service. However, Brickell discloses transmitting user keying information 
from a user to the registration server instead of the authorization server before it 
is sent to the authentication server (e.g. Fig. 4). Furthermore, having a separate 
server to register a user is old and well known. Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to 
incorporate the teaching of transmitting user keying information from user to the 
authorization server (broker) instead of the registration server before transmitted 
to the authentication server taught by Brickell to support a dedicated device for 
user registration purposes to prevent user registration from being slowed down by
other processes.

With respect to claims 10-12 and 29-31, Brickell does not explicitly
disclose the method and computer program product of claims 1 and 20 wherein 
the first trust relationship represents an agreement between the broker service 
and the relying computing entity to comply with one or more brokered 
authentication rules as recognizing assertions provided by the broker server; 
exchanges of one or more security keys between broker service and relying 
computing entity. However, establishing agreement to comply with 
authentication rules (i.e. authentication protocol or key exchanges) between 
communicating devices over the network is old and well known. It would have 
been obvious to one of ordinary skill in the art at the time the invention was made 
to implement the well known feature of establishing agreement between devices
to comply with authentication rules and exchanging of keys with authentication 
services associating with a user taught by Brickell to ensure compatibility of 
authentication protocol between devices for secure communication over unsafe 
network. 

With respect to claims 19 and 38, Brickell discloses the method and 
computer program product of claims 1 and 20 further comprising: 

translating the authentication response received from the authentication 
service into a protocol recognized by the relying computing entity (e.g. Fig. 10A, 
1022). 

Conclusion 

6. Any inquiry concerning this communication or earlier communications from 
the examiner should be directed to TONGOC TRAN whose telephone number is 
(571)272-3843. The examiner can normally be reached on 8:30-5:00. 
If attempts to reach the examiner by telephone are unsuccessful, the 
examiner's supervisor, Kambiz Zand can be reached on (571) 272-3811. The
fax phone number for the organization where this application or proceeding is 
assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from
the Patent Application Information Retrieval (PAIR) system. Status information
for published applications may be obtained from either Private PAIR or Public
PAIR. Status information for unpublished applications is available through
Private PAIR only. For more information about the PAIR system, see
http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR
system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free).
If you would like assistance from a USPTO Customer Service
Representative or access to the automated information system, call
800-786-9199 (IN USA OR CANADA) or 571-272-1000.